ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2020, Vol. 57 ›› Issue (3): 616-630. doi: 10.7544/issn1000-1239.2020.20190086

• Information Security •

Gradual Sensitivity-Indistinguishable Location Privacy Protection

Wang Bin1,2, Zhang Lei1,2, Zhang Guoyin1

  1(College of Computer Science and Technology, Harbin Engineering University, Harbin 150001); 2(College of Information Science and Electronic Technology, Jiamusi University, Jiamusi, Heilongjiang 154007) (jmsuwang@163.com)
  • Published: 2020-03-01
  • Supported by:
    Young Innovative Talent Training Program of Heilongjiang Provincial Regular Undergraduate Universities (UNPYSCT-2017149); Basic Scientific Research Fund of Heilongjiang Provincial Undergraduate Universities (2018-KYYWF-0937); Natural Science Foundation of Heilongjiang Province for Excellent Young Scientists (YQ2019F018); Excellent Discipline Team Project of Jiamusi University (JDXKTD-2019008); China Postdoctoral Science Foundation (2019M661260)

A Gradual Sensitive Indistinguishable Based Location Privacy Protection Scheme

Wang Bin1,2, Zhang Lei1,2, Zhang Guoyin1   

  1(College of Computer Science and Technology, Harbin Engineering University, Harbin 150001); 2(College of Information Science and Electronic Technology, Jiamusi University, Jiamusi, Heilongjiang 154007)
  • Online: 2020-03-01
  • Supported by: 
    This work was supported by the University Nursing Program for Young Scholars with Creative Talents in Heilongjiang Province (UNPYSCT-2017149), the Basic Scientific Research Service Fee Project of Heilongjiang Provincial Undergraduate Universities (2018-KYYWF-0937), the Natural Science Foundation of Heilongjiang Province of China for Excellent Young Scientists (YQ2019F018), the Excellent Discipline Team Project of Jiamusi University (JDXKTD-2019008), and the China Postdoctoral Science Foundation (2019M661260).

Abstract: When a user issues continuous queries while moving, the movement toward a target location produces a gradual change in which the sensitivity of the reported locations keeps rising. An attacker can exploit this gradual rise in sensitivity to identify the user's target and from it obtain private information, which threatens the user's privacy. To address this, and with the aim of preventing the attacker from learning the user's sensitivity progression, this paper proposes an ε-sensitivity-indistinguishable privacy protection method that builds on the basic principles of generalized differential privacy and on Voronoi-diagram partitioning of location information. The method adds noise data in the current location region to satisfy ε-sensitivity indistinguishability, and thereby makes the user's sensitivity progression indistinguishable. However, tests carried out separately in Euclidean space and in a road-network environment show that achieving progression indistinguishability by adding large amounts of noise has a certain impact on quality of service, so an improved algorithm is also proposed that reduces the number of added noise points by means of a user location offset. Finally, a security analysis of the ε-sensitivity-indistinguishable privacy model and experimental verification of the two privacy-implementation strategies show that the proposed algorithm and its improvement have good practical deployment value and a privacy-protection capability that similar algorithms lack, and that they effectively block attacks in which the attacker analyzes the gradual change in sensitivity during the user's continuous movement to obtain the user's private information.

Keywords: location-based service, privacy protection, sensitivity degree, differential privacy, Voronoi diagram, location offset

Abstract: When a user invokes a location based service while moving, the reported locations show a gradual rise in sensitivity, caused by the user's movement toward a target. Using this rising trend, an adversary can identify a particular user's destination and even other private information, jeopardizing the user's security. To cope with this type of attack and keep the adversary from acquiring the sensitivity trend, this paper proposes an ε-sensitive indistinguishable algorithm based on the concepts of generalized differential privacy and the Voronoi diagram. The algorithm partitions the current region with a Voronoi diagram to calculate location sensitivity values; from these, grid cells of the sensitivity contour are generated, and dummies are added to the current grid cells so that users in each cell achieve ε-sensitive indistinguishability. As a result, the gradually ascending sensitivity of any particular user becomes difficult to identify, and the user's privacy is protected. However, simulation experiments deployed in both Euclidean space and a road network show that a large number of dummy locations affects the quality of the location service in both execution and calculation time, so an improved version of the algorithm based on location shift is proposed. Finally, through a security analysis of the ε-sensitive indistinguishable model and experimental verification of the two versions of the algorithm, the algorithm is shown to be better suited to deployment in a real environment and to offer a higher level of location privacy than similar algorithms. Accordingly, it can prevent attacks in which the adversary exploits the trend of ascending sensitivity, and it protects the user's privacy during continuous movement.
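The following Python script is an added illustration of the threat and defence sketched in the abstract above; it is not code from the paper, whose algorithm this page does not give. Everything in it is a constructed assumption: the three Voronoi generator sites with their sensitivity weights, the distance-decay sensitivity model, the user trajectory, and the toy rule that spreads dummies over a fixed sensitivity band. It shows that the raw per-query sensitivities are strictly ascending, and that once dummies are added an adversary who picks the most sensitive entry of each report no longer identifies the user at every step.

```python
import math
import random

# Constructed Voronoi generator sites: (coordinates, sensitivity weight). Assumed, not the paper's data.
SITES = [((0.0, 0.0), 0.1), ((6.0, 6.0), 1.0), ((0.0, 7.0), 0.5)]
S_MIN, S_MAX = 0.25, 1.0   # sensitivity band the dummies are spread over (keeps them inside cell 1)
# Constructed trajectory: the user walks inside cell 1 onto its site, the sensitive target.
TRAJECTORY = [(3.5, 3.5), (4.0, 4.0), (4.5, 4.5), (5.0, 5.0), (5.5, 5.5), (6.0, 6.0)]

def voronoi_cell(p):
    """Index of the nearest site, i.e. the Voronoi cell that contains p."""
    return min(range(len(SITES)), key=lambda i: math.dist(p, SITES[i][0]))

def sensitivity(p):
    """Assumed model: the containing cell's weight, decaying with distance to its site."""
    site, w = SITES[voronoi_cell(p)]
    return w * math.exp(-0.5 * math.dist(p, site))

def ascending_fraction(values):
    """Adversary's signal: share of consecutive queries in which sensitivity rises."""
    pairs = list(zip(values, values[1:]))
    return sum(1 for a, b in pairs if b > a) / len(pairs)

def point_at_sensitivity(target, rng, site_idx=1):
    """Invert the model: a point in the given cell whose sensitivity is exactly `target`."""
    (sx, sy), w = SITES[site_idx]
    d = -2.0 * math.log(target / w)                # w * exp(-d / 2) == target
    ang = rng.uniform(0.0, 2.0 * math.pi)
    return (sx + d * math.cos(ang), sy + d * math.sin(ang))

def report_with_dummies(p, k, rng):
    """Toy protection: p plus k dummies with sensitivities spread log-uniformly over [S_MIN, S_MAX]."""
    levels = [math.exp(rng.uniform(math.log(S_MIN), math.log(S_MAX))) for _ in range(k)]
    report = [p] + [point_at_sensitivity(t, rng) for t in levels]
    rng.shuffle(report)                            # the real location is hidden among the dummies
    return report

def max_sensitivity_guess_hits(trajectory, k, seed=7):
    """Adversary picks the most sensitive entry of each report as the user; count the hits."""
    rng = random.Random(seed)
    hits = 0
    for p in trajectory:
        report = report_with_dummies(p, k, rng)
        hits += max(report, key=sensitivity) == p
    return hits

if __name__ == "__main__":
    print("ascending fraction of raw sensitivities:", ascending_fraction([sensitivity(p) for p in TRAJECTORY]))
    print("adversary hits with 8 dummies:", max_sensitivity_guess_hits(TRAJECTORY, 8), "of", len(TRAJECTORY))
```

The hit count stays above zero because the last report has the user standing on the target itself, which is the quality-of-service versus privacy trade-off the abstract attributes to adding many dummies.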

Key words: location-based service, privacy protection, sensitivity degree, differential privacy, Voronoi diagram, location shift
